WordPress Vulnerabilities Database

WordPress 3.1.3 - SQL Injection Vulnerabilities

Product

WordPress

Description

Because of insufficient input validation in certain functions of WordPress it is possible to inject arbitrary SQL commands with the "Editor" role. In this way an attacker gets access to all records stored in database.